remote machinery management solutions - tormatic as · remote machinery management solutions the...

Remote machinery management solutions

The world’s first security-certified remote access solution

Secomea HeadquartersSmedeholm 12-142730 HerlevDenmarkPhone: +45 88 70 86 50E-mail: [email protected] No: DK 31366038

Secomea North America3608 St-Charles Boulevard, Suite 33Kirkland (Montréal), QuebecCanada H9H 3C3Phone: +1 514-240-5880E-mail: [email protected]

Secomea ChinaA 504, 3, Juquan Road, Science Town,510630 GuangzhouChinaPhone: +86 (0)20 2810 7727E-mail: [email protected]

Secomea Japan29-6 Sarukaku-cho Shibuya-KuTokyo 150-0033JapanPhone: +81 (0)70 1502 4173E-mail: [email protected]

secure communication made easy | secomea.com

LinkManager /LinkManager MobileProgramming Access

SiteManagerEasyLogging

GateManager PortalCentral Administration

GateManagerM2M Server

SiteManagerIndustrial Gateway

PLC HMI PC

Log server

Cam

ENGINEERING THE FUTURE WITH YOUThe fourth industrial revolution is upon us, and it’s an exciting time for machine

builders and engineers of all disciplines and industries. They’re hard at work

readying their companies and their customers for a completely digitized and

automated future – otherwise known as the Industrial Internet of Things (IIoT)

– and so are we.

Leading the way in IIoTSecomea is a privately held company based in Denmark with offices and distributors located all over the world. Since 1999, we have been developing remote monitoring and management solutions for manufacturers and driving what we know today as Industry 4.0.

We are a team of device and software engineers and automation experts who understand the value of creativity and innovation. We work closely with our customers to solve their M2M challenges and deliver the right solutions for their machines and their customers. When we work together, we are paving the way for a simpler and smarter manufacturing future.

THE SIMPLEST, MOST SECURE REMOTE-MANAGEMENT SOLUTION The Secomea solution allows machine administrators to provide remote programming, monitoring and data logging of their customers’ machines. Designed for users with no IT or networking knowledge, the solution comprises 3 basic components that provide secure communication between the machine administrator and the machine, no matter where it is in the world.

Easy as ABC A. SiteManager™

Placed at the factory (hardware or software) B. LinkManager™

Web- or Windows-based client for the engineer or end user (for desktops and mobile devices) C. GateManager™

M2M server that ties together the SiteManagers and LinkManagers (Cloud-based or stand-alone)

A uniquely flexible and scalable M2M solutionSecomea’s modular design makes it easy to ensure scalability for your customers’ future process optimization and maintenance needs. Machine administrators can easily provide:

CORRECTIVE M2M IIOT PREVENTIVE M2M IIOT PREDICTIVE M2M IIOT

secure communication made easy | secomea.com2 3

SECURITY IS PRIORITY #1The simpler the solution, the more likely it is to be operated as intended, keeping

security firmly intact. The simplicity of the Secomea solution uniquely supports

and strengthens the security that’s built right into the solution as first priority.

• Strong end-to-end encryption

• Two-factor and three-factor security authentication

• Event audit trails

• Role-based account management

• Standard measures for eliminating risk of vulnerabilities resulting from mal configuration or human carelessness

The world’s first security-certified remote access solutionSecomea is the first and only remote access solution in the world to be officially security certified. The esteemed German security organization ProtectEM GmBH, which works in close cooperation with the Deggendorf Insti-tute of Technology, performed our security audit based on the following framework:

• Auditing processes according to NIST SP800-115 & ISECOM OSSTMM

• Concept auditing based on BSI (German federal office for information security), ISA 99, and IEC 62443

• Component auditing by individual component analysis and stress testing

• System auditing where end-to-end security was thoroughly assessed

Industry 4.0 enablersBased on Reference Architecture Model Industrie 4.0 (RAMI 4.0) with reference to IEC/PAS 62443-3, ProtectEM has certified Secomea products as Industry 4.0 enablers.

To view our security audits and certificates in full, go to secomea.com.

ONE OF THE TOP-SELLING SOLUTIONS IN THE INDUSTRYDeveloped specifically for the automation industry, the Secomea solution is used by machine builders and system integrators all over the world. As one of the industry’s top-selling solutions, Secomea is suited to both smaller machinery installations with low budgets and larger machine installations that require immediate action.

The Secomea solution can provide remote access to any type of industrial device, and it is endorsed by leading PLC and HMI manufacturers.

A solution for any segmentWhether you build machines for commercial industry or for public utility, the Secomea solution can meet your needs. Our customers work across almost every sector from Food and Beverage and Textiles to Packaging, Print-ing and Pharma. We also serve public customers in Water, Energy, Building Automation and more. Whatever your automation challenge, Secomea has a solution.

MACHINE BUILDERS

Food and Beverage

Packaging

Pharma & Medical

Printing

Material Handling

UTILITY

Water and Energy

Building Automation

FACTORY

Industrial Infrastructure


For machine providers and system integrators that need to fulfill service

obligations for machine installations, Secomea is an extremely cost-efficient

solution. With Secomea, you can diagnose and program the PLC or HMI device

using the native software – just as if you were on site.

HAAS MEINCKE SHARPENS ITS COMPETITIVE EDGEBased in Austria, Haas-Meincke is a leading provider of baking production lines worldwide. The machines are so advanced that servicing can only be performed by Haas-Meinke engineers. As part of their service contract, engineers must be available during the burn-in period.

Secomea helps Haas-Meincke deliver on their serv-ices in the speediest, most cost-efficient way. The first Secomea SiteManager unit installed enabled remote access to four systems in Columbia. That saved four on-site visits of up to three weeks – the engineers never left Europe, but made all programming changes to Siemens PLCs remotely.

The Secomea SiteManager is now a standard com-ponent in every machine Haas-Meincke ships. Today 400 SiteManager units are installed in their baking machines and production lines globally. They have enabled Haas-Meincke to increase their customers’ uptime and use remote access as a distinct competi-tive advantage.

HAAS-MEINCKE’S CORRECTIVE IIoT SOLUTION

THE RAW BENEFITS SIGNIFICANT TIME AND TRAVEL COSTS SAVED

IMPROVED SPEED AND QUALITY OF SERVICE

IMPROVED CUSTOMER UPTIME

COST-EFFICIENT REMOTE PROGRAMMING

Local Ethernet network

* All remote networks can have identical IP subnets

Direct IP connections (UDP/TCP)

Remote Management of Secomea Equipment

USB redirect connections

Virtual COM connections (RS232, MPI etc.)


GateManagerCloud or Own server

Connect with any Programming software

LinkManagerTechnician or Programmer

SiteManagerConnected via 2G/3G/4G

Serial attached device

USB attached device

IP devices

Corporate Firewalls

IP devices

IP devices

SiteManagerConnected via Intranet

SiteManager Embedded EXTENDED

SiteManager Embedded BASIC

10.0.0.1*

10.0.0.1*

10.0.0.1*

10.0.0.2*

10.0.0.1*


Secomea can be used to proactively prevent machinery maintenance and

downtime. Your customers can securely access PLCs and HMIs via their

mobile devices, allowing them to make their operations faster and easier.

ELTECHNO ACHIEVES ULTIMATE FLEXI-BILITY AND OPERATIONS EFFICIENCYELTECHNO offers tailored ventilation solutions as well as consultancy, installation, construction and program-ming services for process and machine control sys-tems. They adapt to their customers’ desires in terms of component choice and operator tools. One focus area is water treatment utility installations, controlled by Siemens PLCs extended with a web-based opera-tor interface, and combined with Schneider Electric IGS SCADA software for accumulating and processing data.

ELTECHNO uses SiteManager for both remote access and as an SMS Gateway for alerts generated by the PLC. LinkManager Mobile is used for accessing both the PLC operator interface and the SCADA system via Remote Desktop. LinkManager Mobile is platform independent, so customers can use their PCs, tablets or smartphones for secure remote access. ELTECHNO has the overall responsibility for the installation and can remotely program and diagnose the Siemens PLC with the Step 7 software using the Secomea LinkManager Windows software.

ELTECHNO’S PREVENTIVE IIoT SOLUTION

THE RAW BENEFITS FASTER, MORE EFFICIENT OPERATIONS AND MAINTENANCE

IMPROVED FLEXIBILITY THROUGH USE OF MOBILE DEVICES

IMPROVED SECURITY FOR MOBILE DEVICES

FAST, SECURE AND EASY REMOTE MONITORING



Direct IP connections (UDP/TCP)



GateManagerCloud or Own server

Also connect with selected Tablet apps

LinkManager MobileTechnician or Programmer

SiteManagerConnected via 2G/3G/4G

IP devices

Corporate Firewalls

IP devices

IP devices

SiteManagerConnected via Intranet

SiteManager Embedded EXTENDED

SiteManager Embedded BASIC

10.0.0.1*

10.0.0.1*

10.0.0.1*

10.0.0.2*

10.0.0.1*


When you want to offer your customers predictive maintenance services by log-

ging machine data to a central surveillance center, Secomea is the right solution.

It keeps you independent of remote networks, allowing you full control. If an issue

occurs, you can connect to the equipment for further diagnostics, programming

and upgrades.

FLSMIDTH MAKES THE SECURE, SIMPLE, SCALABLE CHOICEFLSmidth is a leading supplier of equipment and services to the global cement and mineral processing facilities, including services before, during and after construction.

A part of their services strategy is to remotely retrieve data harvested locally in the PLCs to a central server. The data is used to create production reports for cust-omers and to help perform predictive and preventive maintenance. Data collection is based on FTP access

to each PLC via a central GateManager M2M server. After the data analysis, technicians have the option to remotely connect to the monitored PLCs and perform further diagnostics and program adjustments.

FLSmidth chose the Secomea solution after a tho-rough evaluation of several industrial-access solutions. With security, ease of administration and scalability as their top priorities, Secomea was the clear choice.

FLSMIDTH’S PREDICTIVE IIoT SOLUTION

THE RAW BENEFITS SECURE, TRANSPARENT LOGGING OF DATA OVER THE INTERNET

WEB BROWSER-LIKE CONNECTIONS MAKE IT FIREWALL FRIENDLY

ALL EQUIPMENT CAN HAVE THE SAME IP ADDRESS, MAKING IT EASILY SCALABLE

REAL-TIME DATA FROM ANY DEVICE



EasyLog IP connections (UDP/TCP)


EasyLog Telnet-to-RS232 connections

Corporate FirewallsCorporate Firewall

GateManager serverCloud or Own server

Log serverCollect from devices, or have devices push data to server

SiteManagerEasyLog Client – Connected

via 2G/3G/4G

SiteManagerEasyLog Master –

Collect from devices, or have devices push

data to server

Serial attached device

IP devices

IP devices

IP devices

SiteManagerEasyLog Client – Connected via Intranet

SiteManager Embedded EasyLog Client – Connected via intranet

10.0.0.1*

10.0.0.1*

10.0.0.2*

10.0.0.1*



Need help getting started?Not sure how to put your Starter Package together? Get in touch with your local Secomea distributor to discuss your needs. Make your selection today and remotely connect tomorrow – it’s that simple.

THE COMPLETE SECOMEA STARTER PACKAGEGet up and running in only 15 minutes

The Secomea Starter Package makes it quick and easy to kickstart your remote

access experience. Available in both a SiteManager hardware or software version,

it’s all you need to get going – and you’ll be online in only 15 minutes.

COMPLETELY CUSTOMIZABLE AND SCALABLEThe Starter Package includes:

SiteManager Gateway – Choose a SiteManager hardware model with your pre-ferred Internet connectivity method, or the SiteManager Embedded software for installation on your Windows or Linux device.

GateManager BASIC – Provides administrator capabilities on a Secomea-hosted GateManager server.

LinkManager floating license – Provides your technical staff with full program-ming access to all your industrial equipment.

LinkManager Mobile license – Provides easy access to web-enabled equipment or remote desktop/VNC from a web browser on your PC, tablet or mobile phone.

EasyService FREE license subscription – Includes free phone and email support for your startup. (Allows connection of up to 100 SiteManagers, 2 LinkManager floating licenses, 8 LinkManager Mobile licenses and an unlimited number of LinkManager users.)

+ ++LinkManagerFloating license

GateManagerBASIC Account

LinkManager MobileSingle license

SiteManagerGateway

BUILD YOUR OWN STARTER PACKAGE


Flexible connectivity

The SiteManager hardware gateways

support remote access to any type of

physical communication port of indus-

trial devices. They also support mul-

tiple Internet access options via USB

adapters. This means any SiteManager

can obtain Internet access via LAN,

cellular or WiFi networks.

SiteManager FEATURES 1129 / 3329 1139 / 3339 1139 / 3339 4G 1149 / 3349

Internet accessoptions (Uplink)

4G/LTE Via USB No Integrated* Via USB

3G/GPRS-EDGE Via USB Integrated Integrated Via USB

Ethernet 10/100Mbit Yes Yes Yes Yes

WiFi Via USB Via USB Via USB Integrated

WiFi access point support No No No Yes

I/O ports (Input/Output) 2/2 2/2 2/2 2/2

Device access options

via Ethernet Yes Yes Yes Yes

via USB 2.0 port Yes Yes Yes Yes

via Serial port Yes Yes Yes Yes

via WiFi No No No Yes

DIN mountable Yes Yes Yes Yes

Device access agents (Model 11xx / 33xx) 5/25 5/25 5/25 5/25

Layer 2 and Layer 3 tunneling support Yes Yes Yes Yes

Optional EasyTunnel VPN support Yes Yes Yes Yes

EasyLogging Master/Client support Yes Yes Yes Yes

Use as local SMS gateway (Serial or Ethernet) No Yes Yes No

CPU 536 MHZ 536 MHZ 536 MHZ 536 MHZ

Forwarding/Scada agent routing speed 70 Mbps 70 Mbps 70 Mbps 70 Mbps

Operating temperature -25 > +60°C -25 > +45°C -25 > +45°C -25 > +60°C

Power feed 12-24 V/DC 12-24 V/DC 12-24 V/DC 12-24 V/DC

LAN WiFi3G 4G

Rugged certified hardwareSecomea SiteManager hardware gateways are rugged alu-minum devices designed with industrial specifications. They support all features required for operating as secure access gateways for industrial installations – from small machines to complete production lines and whole factories. All SiteManager hardware gateways are certified for global installations.

SiteManager 5 port seriesThe SiteManager is also available as a 5 port version with an integrated managed switch, available as LAN and 3G models.

Access via Intranetusing standard Web ports

Via localAccess Point

Also via web-proxy

Optional USB

LAN

Optional USB

Integrated

3G 4G

WiFi

Optional USB

Integrated

UDP/TCP UDP/TCP

USBSerial RS232

WiFiOptional

(RS485/MPI/PPI via adapter)

Industrial Device Connectivity Methods

DISCOVER IN DETAIL: SITEMANAGER HARDWARE

*4G/LTE models must be ordered for the respective destination: EMEA, US or China.


DISCOVER IN DETAIL: SITEMANAGER SOFTWAREEmbedded, lightweight softwareSecomea SiteManager Embedded is a software gateway that installs on a PC, IPC or HMI panel and enables it to operate as a secure access gateway. It runs seamlessly with any operating system, in the background as a service, and is extremely lightweight, taking no significant system resources.

No license required SiteManager Embedded can be installed, configured and connected to the GateManager without installing any license. You decide when it is connected and to which license you want to apply it. Any SiteManager Embedded software supports any activation license type.

CUSTOM INTEGRATIONSecomea is specialized in custom integration of SiteManager Embedded. Today it

is delivered as a standard component in equipment from major automation manu-

facturers. Get in touch to discuss your integration project.

SiteManager Embedded License typescompared to SiteManager hardware

SiteManager Embedded

BASIC

SiteManager EmbeddedEXTENDED

SiteManager hardware gateway

Full tunnel access to the PC/IPC/HMI Yes Yes Yes

Gateway for access to other devices No Yes Yes

Included 3G, 4G or WiFi Internet access options No No Yes

Uses the PC/IPC/HMI network access options Yes Yes No

EasyLogging Master/Client support No / No No / Yes Yes / Yes

Number of device agents (model dependent) 2 5-10 5-25

Device access via USB port / Serial port No No Yes

Functions as Corporate/Device network firewall No No Yes

Subnet Agent No Yes Yes

Access via Intranetusing standard Web ports

BASIC

EXTENDED

MULTIPLE OPERATING SYSTEM AND CPU SUPPORT: Windows Standard and Server 32/64 bit x86

Windows Embedded x86

Windows Compact (CE7) x86*

Windows Compact (CE7) ARM*

Linux x86 (various distributions)

Linux ARM (various distributions)*

VxWorks ARM*

*May be subject to custom integration.


Quick, easy access to your deviceLinkManager is designed for remote programming and servic-ing of industrial equipment. Running on Windows, it approves access to devices and displays a view of all your sites and Site-Managers. Each device is shown with its configured name, type and online status. Just locate the device you want to connect to, click it, and you are online.

Smooth compatibilityLinkManager installs a virtual adapter and runs smoothly alongside VPN clients. It is designed for both 32 and 64 bit Windows and runs inside virtual machines such as VMware, ESXi or Hyper-V.

Multiple connection opportunitiesNot only can LinkManager connect to UDP- and TCP-based equipment, but it also includes a virtual COM port driver that makes it possible to connect to Serial equipment (connected to the SiteManager) at the factory. You can even connect to a USB device connected to the SiteManager at the factory, and LinkManager will make the device appear on your PC as if it was physically plugged in.

Remote access from anywhereLinkManager Mobile allows users to remotely access equip-ment via their iPhone, iPad or Android devices. It is designed for accessing graphical interfaces on PLCs, HMIs or Webcams, for example. It also establishes connections to desktops running Linux or Windows. You simply connect to the device with LinkManager Mobile and you can start a VNC or MS Remote Desktop Client (RDP) and remotely control the device.

Scalable licensingUser accounts for LinkManager Mobile can be freely created in the GateManager Portal – part of the Starter Package. User accounts allow monitoring of equipment status and viewing of event logs. Applying a LinkMana ger Mobile license to the ac-count will further allow you to connect to the equipment’s user interface and remote desktop.

LINKMANAGER KEY FEATURES

Supports both 32 and 64 bit Windows

“VPN-like” access to equipment

Access to web-enabled devices

Access to Remote Desktop (VNC/RDP)

Access to USB and Serial devices

Layer 2 and Layer 3 tunneling access

Browser operated

LINKMANAGER MOBILE KEY FEATURES

Operated from any platform with a browser

Supports PCs, iPhones, iPads and Android devices

Access to web-enabled devices

Access to Remote Desktop (VNC/RDP)

Access for selected handheld APPs

DISCOVER IN DETAIL: LINKMANAGER

LINKMANAGER MOBILE


The center of your solutionThe GateManager™ M2M server is the central component of the Secomea solution. Typically it is offered as a service hosted by Secomea, or by one of our distributors, but you can also choose to host your own GateManager. Through the web-based GateManager Portal you can administer accounts, manage SiteManagers and devices, and much more.

The GateManager also operates as a secure termination point for all LinkManagers and SiteManagers. All connections and the encrypted traffic between LinkManagers and devices controlled by SiteManagers are handled by the GateManager, which also logs all events.

IN THE GATEMANAGER PORTAL, YOU CAN:

Configure EasyLogging with drag’n’drop

Administer all user accounts

Configure SiteManagers individually or in bulk

Replace SiteManagers based on auto backups

Organize accounts and devices in domains

Upgrade SiteManagers individually or in bulk

Bulk firmware upgrade SiteManagers

Administer access to specific devices

Configure event alerts

Monitor event logs

Analyze detailed Usage Statistics

GateManager cloud serversThe GateManager cloud server is designed to deliver the convenience of fast and easy web access, while avoiding own server setups. When you choose the GateManager cloud server, you receive an isolated private domain on the GateManager M2M server.

GATEMANAGER CLOUD SERVICE ACCOUNT TYPE COMPARISON BASIC PREMIUM

FREE with the Starter Package Yes No

Create and manage LinkManager user accounts Yes Yes

Organize equipment in domain tree structure and give differentiated user access No Yes

Access the LinkManager Admin GUI of the connected users Yes Yes

View status on all connected equipment Yes Yes

Associate email alarms to devices No Yes

Access audit-logs (who connected to what, when) Yes Yes

Activation of EasyLogging/Usage Statistics module No Yes

Create Co-administrator accounts No Yes

DISCOVER IN DETAIL: GATEMANAGER SERVERS


GET IN TOUCH TO START

To order your Secomea Starter package or discuss the solution that’s right for you, contact us or your local Secomea distributor. Or find more information at secomea.com

GateManager for Amazon Cloud serverAmazon Web Services (AWS) allows you to freely select your preferred global region for your cloud server. Amazon is among the largest global VPS providers.

GateManager 4260 Hardware serverFor machine builders who want to be in full control with a hardened platform installed locally, we also offer the Gate Manager 4260 hardware server. Suitable for small- to medium-sized installations, the 4260 hardware server is robustly built, and its administrator portal has the same look and feel as the software GateManagers. With its integrated export functions, you can easily migrate to other GateManager models.

START ENGINEERING THE FUTURE TODAYSecomea is the simplest, most secure remote-management solution on the mar-

ket. With the Secomea solution, your company can offer your customers reduced

management and maintenance times and significantly increased uptime. Find out

what our customers are saying here.

To read more customer cases and references, go to secomea.com

The Secomea solution helps us resolve about 50% of the issues that would normally require on-site visits. This allows us to provide fast and time-ly quality service. The Secomea solution’s ease of setup and use, combined with Secomea’s excellent support, means that we can keep full focus on the customer’s issue. Secomea is also the only solution we have seen that can remotely access our USB connected devices.

ASME A/S

The Secomea solution’s biggest advantage is its ease of installation. If there is an existing network, you just plug the SiteManager in, and if not, it automatically uses the 3G network. This means we have focus on our core business, and do not have to spend time on IT.

SE Big Blue

The security offered by Secomea is also really important for us. While IT departments are usually paranoid about remote access, they are generally convinced by Secomea’s security credentials.

Applied Automation

GATEMANAGER SOLUTIONS

GET IN TOUCH TO START

To order your Secomea Starter Package or discuss the solution that’s

right for you, contact us or your local Secomea distributor. Or find more

information at secomea.com

GateManager 8250 Linux serverThe GateManager 8250 can be installed on your own Linux platform either as a stand-alone server or on a virtual private server in a hosting center.

GateManager 9250 virtual serverThe GateManager 9250 is delivered as a platform-independent,virtual-image server. It’s ready to run in a VMware, ESXi orHyper-V virtualized environment.

23secure communication made easy | secomea.com22

remote machinery management solutions - tormatic as · remote machinery management solutions the...

Documents